Professional Documents
Culture Documents
Azure Infrastructure
Azure Infrastructure
Cloud
migration
essentials
A guide to migrating servers
and virtual machines
1
Information in this document, including URL and © 2018 Microsoft Corporation. All rights reserved.
other internet website references, is subject to change
without notice. Unless otherwise noted, the companies, Microsoft, Azure, Active Directory, Dynamics,
organisations, products, domain names, email ExpressRoute, Hyper-V, SQL Server, SharePoint, Windows
addresses, logos, people, places and events depicted in and Windows Server are either registered trademarks
examples herein are fictitious. No association with any or trademarks of the Microsoft group of companies.
real company, organisation, product, domain name, All other trademarks are property of their respective
email address, logo, person, place or event is intended owners.
or should be inferred. Complying with all applicable
copyright laws is the responsibility of the user. Without
limiting the rights under copyright, no part of this GARTNER is a registered trademark and service mark
document may be reproduced, stored in or introduced of Gartner, Inc. and/or its affiliates in the US and
into a retrieval system, or transmitted in any form or internationally, and is used herein with permission.
by any means (electronic, mechanical, photocopying, All rights reserved.
recording or otherwise) or for any purpose, without the
express written permission of Microsoft Corporation.
2
Contents
Testing 18
Chapter 2: How do you approach Taking further advantage of your
cloud migration? 6 cloud provider to drive application innovation 19
Identity 11
Configuration analysis 15
Cost planning 16
3
01
Introduction
In the past few years cloud adoption In this guide, you’ll discover:
has increased significantly, as it Preliminary steps to consider when looking
applications and workloads. But cloud migration the right tools and processes, your migration project
requires careful planning and strategy. One of the keys can be fast and friction free. Learn how methods such as
to cloud success is to determine the optimal platform lift and shift rapidly move you to the cloud – reducing
and priorities for running business applications. Once cost immediately and enabling you to focus on future
considered optional, these applications are now central to cloud modernisation. Dive into assess, migration and
infrastructure decisions and achieving company goals. optimisation methods to help along the way, and start to
evaluate next steps in your continuing adoption of cloud
To enable successful migration, it’s important to
resources.
have a strong plan in place that covers the end-cloud
environment, training and, most importantly, the
readiness of your workloads and applications. To do this,
you need to determine how to successfully create the
initial technical plans and business justification, ensure
your workloads will run as expected and perform the
migration with limited impact on the business.
4
"One of our big objectives was to eliminate $3 million in capital
costs over about three years, and to reduce our operating costs by
approximately the same amount. At the same time, we wanted to
improve our quality of service. With Azure, we’re confident that we’ll
meet those goals.”
https://customers.microsoft.com/story/capstone-mining
3
VM sizing calculations are based on the Microsoft Azure
TCO Calculator, which is available at: https://www.tco.microsoft.com/
4
“The Shift to SaaS: A high-value opportunity for ISVs.” Keystone
Strategy. June 2017. Retrieved from: http://info.microsoft.com/rs/157-
GQE-382/images/EN-GB-CNTNT-Whitepaper-Keystone_Shift_to_SaaS_
5 June2017-en-gb.pdf
02
Sometimes cloud migration can Your migration could require you to run parallel and
iterative migration processes as you progressively move
be simple, with only a few decision your applications and workloads to the cloud.
points. However, your case may be Whether your migration is simple or complex, it’s helpful
more complex, depending on how to think of the basic elements of the process. Migration
can be boiled down to three main phases, as illustrated in
many servers and virtual machines the model below.
you use.
PaaS SaaS
Lift and Cloud
shift optimisation
Existing App
on-premises modernisation
apps
IaaS
6
PaaS
SaaS
Rearchitect
Rebuild
Refactor
App data
‘Five Options for Migrating Applications to the Cloud: Rehost, Refactor, Revise, Rebuild or Replace.’ Jeff Woods. Gartner:
5
Figure B5
Figure C5
App data
Code Managed by
customer
Updated
App configuration
‘Five Options for Migrating Applications to the Cloud: Rehost, Refactor, Revise, Rebuild or Replace.’ Jeff Woods. Gartner:
5
App platform
The Future of IT Conference. October 2011. https://gartnerinfo.com/futureofit2011/MEX38L_A2%20mex38l_a2.pdf
Containers
8 Managed by
cloud provider
OS
Rebuild. Revise the existing application by aggressively
App data
adopting PaaS or even software as a service (SaaS)
services and architecture. The process encompasses major
Code
revisions to add new functionality or to rearchitect the
application for the cloud.
Remains App configuration Managed by
An example of this stage would be code redesign to same customer
OS
Managed by
cloud provider
Hardware
App data
Code Managed by
customer
Updated
App configuration
App platform
9
Containers
Managed by
cloud provider
Lift and shift is the most common (and easiest) first step, Internet Information Server (IIS), connected to a database,
enabling you to move quickly to the cloud. Through then it may make sense to proceed directly to the cloud
process discovery efforts, you can easily map the next optimisation stage. In this case, you could migrate
best steps for each workload based on goals, effort that application using Azure App Service and Azure
and complexity. An advantage of this approach is that SQL Database. To do this, you’d need to have a deep
it enables you to sustain parallel migration efforts. understanding of the application, including its complexity
And, as your IaaS projects continue, you can easily start and dependencies.
modernising certain applications to PaaS and even
No matter which option you choose, you need a solution
SaaS options.
that provides a smooth and easy cloud adoption, so
While the migration evolution model shows a potential that you can migrate at your own pace. This requires
step-by-step journey for moving workloads from on- a cloud provider (and core partners) who can deliver
premises to the cloud, the model also suggests that a comprehensive set of tools, methods and offers for
workloads could start at different pivot points. Where you helping with migration and reducing risk. Most of all,
begin depends upon the complexity of the workload and, this solution should offer a simple process that’s easy
ultimately, what you want out of it. For example, if you to follow.
have a simple web application hosted in Windows Server
Assess. Identify and inventory your Migrate. Migrate smarter and faster Optimise. Fine-tune your resources
on-premises resources, such as with flexible, powerful tools, while to strengthen security, improve
applications and workloads, to plan ensuring minimal business impact. performance and maximise return
where your Azure migration should on investment (ROI).
start.
10
With this straightforward framework, you get a proven your workloads? As you’re planning to run your most
approach to migration. This process provides a clear critical applications there, you want to be confident
picture of your entire application and workload that your cloud foundation is solid. If you already have
portfolio, the best way to configure your applications workloads or DevTest running on the cloud, then you
and workloads to achieve migration, convenient tools to may have an environment and connectivity ready to go.
ensure low-impact transfer and ongoing performance However, if you’re new to the cloud or only have a basic
and cost optimisation. set-up there, then you’ll need to perform a few steps
But before migration begins, how do you ensure that before migration.
networking, storage and identity – identity to the cloud to support the migrated workloads.
However, many cloud providers have built-in identity
elements comparable to your solutions provided as a service. These can also integrate
on-premises environment. with your on-premises identity systems to enable single
sign-on for user convenience. As your workloads will
By building this virtual datacentre, you can ensure that now be stored within the cloud, you’ll also want seamless
your applications will continue to support the business access for users between your existing on-premises
after migration, without surprises. systems and the systems you’ve migrated.
Building this in the cloud is a streamlined process, as To ensure a harmonious user experience – while
you can leverage components available there for fast supporting your expected growth into more advanced
assembly and configuration. Many excellent tools as cloud services – a good investment would be a cloud-
well as guidance can help accelerate this step, but below based identity management solution connected to your
are some of the basics – and why they’re important to on-premises environment.
migration.
11
Storage Connectivity
Another necessity in your cloud is a storage platform During migration, you will move vast amounts of data.
that will meet the expected performance needs of your However, you’ll still be moving data even after the bulk
migrated workloads. On-premises, this platform is usually of your critical workloads are hosted in the cloud. As
through network attached storage (NAS) or storage area such, you should consider a more dedicated connectivity
network (SAN) systems. In the cloud, virtual storage is option to help with the data transfer and ultimate end-
often through blobs or page blobs, depending on the user experience.
type of data being stored. You may currently have virtual networks set up, possibly
Fortunately, you can choose from many storage types to using Internet or site-to-site VPNs to connect to your
guarantee reliable performance, including performance cloud environment. While this works well for smaller
and access levels, backup, geographical replication deployments, you’ll need a new approach to run an
and disaster recovery. Working with a virtual storage entire enterprise both during and after migration.
platform means you also have a finer degree of control Azure ExpressRoute, for example, is a compelling tool to
and configuration. You can easily configure exact storage use for this. It ensures both performance and security –
requirements for each workload as needed, without especially in the initial heavy lifting of virtual machines
having to worry about physical architecture. Azure to Azure, which involves considerable data flowing
even offers managed storage, which takes the pain out across the wires. ExpressRoute enables a faster, private
of storage configuration. It requires you to enter just a connection to Azure.
few details before acquiring up to thousands of secure,
Azure Data Box is another option for migrating large
reliable and available disks for your migration project.
amounts of data – when you’re limited by time, network
availability or cost. Data Box is a physical device that you
Networking connect to your network. You load your data to it by
using standard NAS protocols. Then you simply send it to
Networks are crucial. They are the figurative backbone Microsoft through a delivery transport service. Your data
of the datacentre. Moving to the cloud requires a new will then be securely loaded into your Azure environment.
way of networking, since you’re no longer reliant on
physical topology. In fact, you can now overcome
physical boundaries with a single subnet, which
simplifies networking communication.
12
Readiness Beginning your migration
While many core management skills can migrate to the Now it’s time to begin your migration journey to the
cloud, there are some key differences. You’ll need to get cloud. This eBook focuses on a migration process where
up to speed on new skills. However, training takes time you would be moving the bulk of your applications
away from performing core duties, can be costly and, and workloads running in virtual machines to IaaS (and
frequently, doesn’t properly build on what you already plan to modernise after that has been performed). The
know. environment in this scenario is set up in Azure with Azure
Active Directory (linked to on-premises AD) for identity
Azure Essentials can help solve these problems by
management, with managed disks ready to receive the
means of unique learning paths focused on job roles.
data and virtual networks deployed.
This readiness tool offers simple online training in bite-
sized pieces, practical labs and assessments to test your
knowledge. It’s the fastest way for your team to grow
their skills and, best of all, it’s free.
13
03
Assess
14
Assess in four steps
Technical and business planning for migration comes down to four straightforward steps:
Discovering servers and virtual machines is usually a Many tools provide server dependency mapping, but
straightforward process. It relies on interaction directly don’t extend to application dependencies. To ensure a
with the endpoint (using an agent) or managing full picture of all communication between workloads, you
hypervisor (such as vSphere or Hyper-V). need a tool that will do both. This will allow you to create
visual maps of all your applications and workloads, which
Ultimately, the goal of the assess phase is to collect
server and application information, including type, enables their interaction as a single entity for costing,
configuration, usage and applications that may be configuration analysis and eventually migration.
running.
Configuration analysis
The assess process enables you to ensure that each will migrate with no modifications, which workloads
workload will function on your cloud platform. Through might require basic modifications to comply and which
the collected analysis, assessment tools will be able to workloads are not compatible in their current formation,
provide metrics on the compatibility of the workload in as well as provide guidelines to remediate potential issues
the cloud. For example, is the workload OS supported? or recommend configuration changes.
Or are there specific hardware dependencies that may
not be replicated in a cloud environment (such as running
an UEFI boot, which is larger than a 4 TB data disk size)?
Configuration analysis should tell you which workloads
15
Cost planning
The final step of the assess phase is collecting resource For further information
usage reporting (such as CPU, memory and storage). on these tools, explore
This is important, as on-premises virtual machines are
often over-provisioned, but actually utilised under 20%. the following resources:
If you were to take the physical configuration of your
on-premises server and map this to an IaaS VM series Azure Migrate. Take advantage of discovery,
type, you would likely find that you were paying for assessment, guidance, insight and mechanisms
more performance and scale than you need. for cloud migration through this free integrated
Since the cloud is costed as a usage model, you should Azure service.
ensure your choice meets both performance and › Learn more about Azure Migrate
7
zure Hybrid Benefit. Retrieved from:
A
https://azure.microsoft.com/pricing/hybrid-benefit/
16
04
Migrate
Once you have completed your This eBook focuses on the rehost approach, moving
applications running on traditional servers and virtual
discovery and assessment, it’s time machines to Azure IaaS. In many cases, organisations will
to prepare for the next step: cloud start with lift and shift to drive rapid migration and early
cost savings. Lift and shift involves no change in your app
migration. or workload framework or architecture; it simply means
This is where, after you have landed on your migration exchanging hardware and OS management with the
goals and gathered all requirements and constraints, you cloud environment. This approach requires confidence
can choose the best method of migration. regarding two key issues. Can your workload be easily
migrated, without too many manual steps? Will your
Earlier in this eBook, we overviewed the migration
workload function as expected in the cloud? As such,
evolution model that showed workloads progressing
several decision points come into play based on what’s
through phases of lift and shift, cloud optimisation and
being moved, and especially how (or if) you want to
eventually app modernisation.
access it while the migration is taking place.
During the migration effort, you’ll determine the
The lift and shift method most often employed for server
approach that best meets your requirements. This is
or VM migration is real-time replication, because of its
best addressed per application. Essentially, in this phase,
flexibility and capability in staged migration. Real-time
you’re physically moving your workloads and applications
replication allows the workload to remain online and
(including their data) to the cloud and planning to retire
accessible during the migration. And, as you’ll see in the
the on-premises versions. Every organisation will have
next section, modern tools enable the system to cleanly
a different approach and mixture of using rehosting,
migrate real-time data even when the system is actively
refactoring, rearchitecting or rebuilding for their
being used.
applications.
Refactor
Existing App
on-premises modernisation
apps
IaaS IaaS Re-host Replace
17
Real-time replication
Real-time replication involves setting up a copy of
Cloud provider
the workload in the cloud and allowing asynchronous
replication to keep the copy and the workload in sync.
VM
VM
This model also enables groups of virtual machines vSphere or Hyper-V Host Firewall
Testing
Testing is integral to ensuring system health before final Migration tools can also do the final launch in your cloud
cut-over. Many migration tools include options to start up and turn off the on-premises version. In some cases, you
your set of VMs in an isolated environment, which allows may have to update some DNS records for the new cloud-
you to mimic the production environment in the cloud. based workloads. However, if you migrated to use DNS
This means that you can fully test the application without in the cloud as part of your initial environment setup, this
affecting either the on-premises or cloud production may happen automatically.
versions. Once replication is complete, simply start your
application or workloads using the isolated environment
option, while taking time to test your start-up script or
runbook for any errors. When you’re fully satisfied that
both function as expected, it’s time to perform the final
cut-over.
18
“To expand globally, we can simply clone the infrastructure that
we have running in our US Microsoft Azure datacentre to Azure
datacentres in Asia and elsewhere.”
19
a simple migration where the application is ‘cloud ready’,
but in others configuration changes and code updates
may be required. Fortunately, there are tools available
For further information
that enable you to analyse the code and determine on these tools, explore
the effort required to move to App Service.
the following resources:
For your databases, this is a straightforward process.
Azure provides options for database PaaS services,
Azure Site Recovery. Migrate physical servers
including Azure SQL Database, where you are hosting
or VMs from on-premises to Azure, or support
the data on a full database as a service (DBaaS) platform.
custom replication timing, isolated testing and
Azure SQL Database enables you to host database data
final migration cut-over. You can replicate and
in a service, reducing your database management costs,
migrate your VMs to Azure using right-sizing
but has some limitations compared to a full SQL Server
recommendations for migration as part of the
deployment. If your applications need functionality that
assessment phase and take advantage of Azure
may not be available in Azure SQL Database, then SQL
Hybrid Benefit when the initial replication occurs
Database Managed Instance is recommended. Azure SQL
(as a configuration option). This tool saves you
Database Managed Instance provides the full platform
time, as you don’t need to retroactively go back
experience of SQL Server, but with the underlying OS
and perform these tasks for each VM.
and SQL service fully managed by Azure.
› Learn more about Azure Site Recovery
20
05
Optimise
to ensure that you’re successfully is a shared responsibility between you and your cloud
provider. Azure is built on a foundation of trust and
taking advantage of the cloud’s security, compliance, privacy and transparency. The
performance, scalability and cost- Azure platform provides a secure foundation to host
your infrastructure with built-in security controls and
saving benefits. capabilities to help you further protect your data and
This will enable you to only pay for the services and applications.
resources you use, achieve a greater ROI and receive Azure Security Centre provides unified security
additional savings by taking advantage of the latest cloud management and advanced threat protection across
capabilities. This is also the best time to start looking at hybrid cloud workloads. The Security Centre enables
new services for modernising your application, migrating you to take advantage of several capabilities, including:
to PaaS and even SaaS, where applicable.
› Centralised policy management. Ensure compliance
On-premises tools are not built for cloud scale and with company or regulatory security requirements by
agility. Plus, they’re simply not aligned with the centrally managing security policies across all your
new usage models enabled by the cloud. Continual hybrid cloud workloads.
optimisation is a critical third step in your migration
› Continuous security assessment. Monitor the
journey. Optimisation targets two main areas – ensuring
security of machines, networks, storage and data
peak performance and continual cost efficiency.
services and applications to discover potential security
Once you migrate, you’ll also want to make sure to keep issues.
your virtual machine continuously secure, protect your
› Actionable recommendations. Remediate security
data and monitor your cloud health. And that’s easy to
vulnerabilities before they can be exploited by
do with Azure – once you get an understanding of the
attackers with prioritised and actionable security
full suite of controls and capabilities available to you.
recommendations.
21
› P
rioritised alerts and incidents. Focus on the most Monitoring cloud health
critical threats first with prioritised security alerts and
incidents. As with any system, monitoring is important to drive both
proactive and reactive analysis. Azure provides many
› Integrated security solutions. Collect, search
monitoring services targeted at applications, workloads
and analyse security data from a variety of sources,
and core service health to ensure you have full visibility
including connected partner solutions.
into your current system status – plus, access to important
data when working with a break-fix situation. In Azure,
Protecting data you can use either basic or premium monitoring services.
22
Premium monitoring services build on basic Many premium management solutions are packaged
monitoring and provide powerful analytics with collected sets of logic that provide insights for an application or
data to give you unique insights into your applications service. They rely on log analytics to store and analyse the
and infrastructure. Plus, they present you with data in monitoring data that they collect. Azure Log Analytics
the context of scenarios that are targeted to different enables deeper visibility into your hybrid IT environment
audiences. and allows you to diagnose performance issues from an
› A
pplication Insights enables you to monitor advanced analytics portal in one click.
the availability, performance and usage of your Azure Log Analytics enables you to:
application, whether it’s hosted in the cloud or
› Analyse data. In Log Analytics, you can leverage
on-premises. By instrumenting your migrated or
log searches by constructing queries to analyse the
rearchitected application to work with Application
collected data, using pre-existing dashboards that
Insights, you can quickly identify and diagnose errors
you can customise with graphical views of your most
without waiting for a user to report them. With the
valuable searches. Once you have a defined collection
information that you collect, you can make informed
of operational data from your Azure virtual machines
choices on your application’s maintenance and
and activity logs, you can perform powerful searches.
improvements. Application Insights stores its data in
› Visualise data. Log Analytics dashboards can visualise
a common repository where it can take advantage of
all your saved log searches, giving you the ability to
shared functionality such as alerts, dashboards and
find, correlate and share IT operational data in your
deep analysis with the Log Analytics query language.
organisation.
› Service Map provides insight into your IaaS
› Alert data. Alerts in Log Analytics identify important
environment by analyzing virtual machines with
information in your repository. They are created
their different processes and dependencies on other
by alert rules that automatically run log searches
computers and external processes. It integrates
at regular intervals and match certain criteria. With
events, performance data and management solutions
Alert Action, you can perform advanced actions with
in Log Analytics. You can then view this data in the
alerts, such as create an email notification, launch an
context of each computer and its relation to the rest
automation runbook or create an incident record in
of your environment.
your ITSM incident management system.
› Network Watcher provides scenario-based
monitoring and diagnostics for different network
scenarios in Azure. It stores data in Azure metrics
and diagnostics for further analysis.
23
Continual cost efficiency and optimisation Tools for optimisation
Performance monitoring can help you achieve beneficial
cost optimisation. In the initial assessment, you For further information on
performed right-sizing for your on-premises workload
optimisation tools, explore
based on a point in time. Once those workloads are
moved to Azure, their usage may change. For example, the following resources:
if you move a moderately used app from on-premises
to Azure, the initial assessment phase may recommend Security with Azure Security Centre. With
for the middle-tier VM a D2v3 instance (2 vCPU and Security Centre, you can apply security policies
8 GB RAM). However, after six months, the use of that across your workloads, limit your exposure to
application might decline, so you’d want to downsize threats and detect and respond to attacks.
to a lower VM instance to reduce costs. › Learn more about the Azure Security Centre
Azure Cost Management shows you usage and costs so
that you can track trends, detect inefficiencies and create
Azure Cost Management. Get detailed visibility
alerts. All usage and cost data are displayed in intuitive
into the resource costs of running systems
dashboards and reports. With built-in cost management,
on Azure through this service that is tightly
you can continually monitor for CPU and memory usage,
integrated with Azure operations.
enabling recommendations for virtual-machine instances
› Learn more about Azure Cost Management
that can be further right-sized. These services can also
help you monitor for over-utilised VMs and up-size as
needed to ensure performance service level agreements Azure Log Analytics. This service centralises log
(SLAs). Plus, these services can help you discover data from multiple systems in a single data store.
underutilised VMs for potential downsizing. For example, › Learn more about Azure Log Analytics
Azure cost optimisation can provide a regular view of
your current virtual-machine total utilisation.
Monitoring in Azure. Get detailed, up-to-
With a quick glance, you can determine the number of
date performance and utilisation data, access
virtual machines that are consistently under-utilised
to the activity log that tracks every API call and
(that is, running below 90%). Then, with the Azure
diagnostic logs that help you debug issues in
cost optimisation sizing opportunities, you can find
your Azure resources. Management solutions are
recommendations for which VMs should be actioned,
available from Microsoft and partners to provide
as well as the suggested instance change (including
monitoring for various Azure and third-party
potential annual savings).
services.
As you continue to utilise your new IaaS environment, › Learn more about Azure Monitoring
targeting maximum cost savings through Azure Reserved
VM Instances (RI) becomes attractive. Reporting
available in Azure Cost Management can recommend Azure migration partners. Accelerate your
the workloads that would benefit from RIs, maximising migration with experienced assessment partners,
your TCO. who provide many options for your unique
environments.
› Learn more about Azure migration
technology partners
24
06
Summary
No matter why your organisation is The benefits of migration will be immediately apparent
in your time and budget savings. The cloud will allow
looking to move to the cloud, you you to be more agile and, in many cases, respond to
shouldn’t be put off by its seeming business needs faster. The cloud may even lower your
TCO by as much as 84%, freeing you to take that massive
complexity. savings and invest it back into your business to drive
As you’ve learned in this eBook, breaking a migration modernisation faster. Plus, you can explore PaaS and SaaS
down into elemental steps will contribute to a more options, decreasing your TCO even more while expanding
successful migration. You can start this process your IT capability.
with a few applications and then expand to further Whether you’re in the early stages of migration
applications in your environment. assessment, or just starting to plan your approach,
First, you need a clear plan that takes into careful keep in mind that migration can be easier with a
consideration your servers, VMs and workloads – and trusted provider like Microsoft. Through integrated
what’s required for these to function in the cloud. Along tools, a strong partner ecosystem, and rich guidance,
with this assessment, determine your true resource usage you can tread a well-forged path to minimise risk and
and analyse any configuration dependencies for your impact to your business.
workloads. Then, when you go forward with migration,
ensure that your workloads in the cloud are in sync with “Migrating VMware to Microsoft Azure: Total cost of ownership
10